Flash Security I’ll talk about; o RIA, Web 2.0 and Security o What is Crossdomain.xml? Why does it exist? o Only problem about Flash : XSS o XSS and Impact of XSS Attacks o Attack Surface of Flash Applications Global Parameters External Resources o Same-origin Policy and Flash Embedding o High Security Required Applications and Flash Not going to talk about these, at least not today; o Server-side Flash Security o Attacking users via Flash o Flash Vulnerabilities
RIA, Web 2.0 and Security Complexity is the worst enemy of security Every new component in the browser is a new threat AJAX, Silverlight, AIR, Flash, Java, Myspace Upload ActiveX etc. All of these are potential security problems. Every new technology comes with new style of development and it takes time to have secure “best practices”.
HTML Text Area If HTML enabled in the textareas and if the data loaded up dynamically http://example.com/XSS/riaac3.swf?_Ghtml=
LoadClip, xml.load Are external resources secure? Hardly coded or configuration files coming from a secure place? You should check for configuration location and should not this from the user input.
Flash usage in highly security required systems Why it can be a problem? Increased attack surface
Sum it Up! Loaded configurations should be coming from trusted domains, Loaded external resources should be coming from trusted domains.
Sum it Up! When you are using Htmltext be sure that loaded data is sanitised and encoded.
References, Resources and Tools Flashsec Wiki OWASP – Finding Vulnerabilities in Flash Applications SWFIntruder Flare and similar decompilers